News

RSS Feed

Vulnerability-Lookup 3.0.0 released

We are glad to announce Vulnerability-Lookup 3.0.0. Our second release of 2026 is a major milestone, featuring GCVE-BCP-07 support. Now, every Vulnerability-Lookup instance can publish its own KEV catalog while integrating KEV feeds from CISA and ENISA. Let’s take a look at all the notable changes. What’s New GCVE-BCP-07: Known Exploited Vulnerabilities (KEV) Catalogs Integration There should have been a video here but your browser does not seem to support it. This release implements support for GCVE-BCP-07, enabling seamless integration with multiple Known Exploited Vulnerabilities (KEV) catalogs from different Global Numbering Authorities (GNAs). PR #310

Read more →

February 2, 2026

Vulnerability-Lookup 2.21.0 released

We’re delighted to announce the release of Vulnerability-Lookup 2.21.0. This release brings several important improvements focused on search, data ingestion, and usability. What’s New Product-level indexing & search API Making it easier to explore vulnerabilities from a product-centric angle, without specifying a vendor name. (f906064) New CSAF feeder for Schneider Electric We have recently added a new CSAF feed for Schneider Electric. (e43fa03)

Read more →

January 23, 2026

Vulnerability Report - December 2025

All vulnerability reports Introduction This vulnerability report has been generated using data aggregated on Vulnerability-Lookup, with contributions from the platform’s community.

Read more →

January 12, 2026

Vulnerability-Lookup 2.20.0 released

Just in time for the end of the year, we’re happy to share our final release before the holidays: Vulnerability-Lookup 2.20.0 🎄 What’s New GCVE (Global CVE Allocation System): Relationships We’ve updated the bundled Vulnogram interface to better support the GCVE ecosystem. Vulnerability-Lookup now allows you to define and manage relationships between vulnerabilities, in line with the GCVE BCP-05 specification. Commit: 2f39bf8 This is a first step toward implementing full GCVE BCP-05 compliance.

Read more →

December 19, 2025

GPU Efficiency in VLAI Model Training

Experiences and Benchmarks from Months of VLAI Vulnerability Severity Classification Model Training

Read more →

December 12, 2025

Vulnerability-Lookup 2.19.0 released

We’re delighted to announce the release of Vulnerability-Lookup 2.19.0! What’s New GCVE: Global CVE Allocation System We’re pleased to announce the publication of: GCVE-BCP-02 – Practical Guide to Vulnerability Handling and Disclosure, and GCVE-BCP-04 - Recommendations and Best Practices for ID Allocation This Best Current Practice document GCVE-BCP-02 provides actionable guidance for organisations, researchers, and GCVE Numbering Authorities (GNAs) on managing and disclosing vulnerabilities effectively, both within the GCVE ecosystem and beyond.

Read more →

December 9, 2025

Vulnerability Report - November 2025

All vulnerability reports Introduction This vulnerability report has been generated using data aggregated on Vulnerability-Lookup, with contributions from the platform’s community.

Read more →

December 3, 2025

End-of-Year Threat Intelligence Sightings Forecast

Adaptive analysis and short-term forecast of threat intelligence sightings from key sources tracked by Vulnerability-Lookup

Read more →

December 2, 2025

Vulnerability-Lookup 2.18.0 released

We’re delighted to announce the release of Vulnerability-Lookup 2.18.0 — packed with exciting new features! What’s New Integration with Rulezet Rulezet is an open-source platform for sharing, evaluating, improving, and managing cybersecurity detection rules (YARA, Sigma, Suricata, etc.). Its goal is to foster collaboration among professionals and enthusiasts to enhance the quality and reliability of detection rules. Vulnerability-Lookup can now be configured to interface with the API of any Rulezet instance, providing insights into existing detection rules related to security vulnerabilities. The default Rulezet instance enabled in Vulnerability-Lookup is hosted at https://rulezet.org and currently offers more than 122,000 security rules.

Read more →

November 14, 2025

Advancing Vulnerability Tracking and Disclosure Through an Open and Distributed Platform at Unlock Your Bain conference

Slides: Advancing Vulnerability Tracking and Disclosure Through an Open and Distributed Platform We presented “Advancing Vulnerability Tracking and Disclosure Through an Open and Distributed Platform” at the excellent Unlock Your Brain conference. A well-organised and welcoming event, Unlock Your Brain brings together a great mix of researchers, practitioners, and open-source enthusiasts—making it a perfect place to exchange ideas on vulnerability tracking and disclosure. Download the slides: https://www.vulnerability-lookup.org/files/events/2025/presentation-unlockyourbrain.pdf Feedback and Support If you find any issues or have suggestions, please open a ticket on our GitHub repository: https://github.com/vulnerability-lookup/vulnerability-lookup/issues/

Read more →

November 8, 2025

Next 2/5